[ubuntu/impish-proposed] libssh 0.9.5-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Aug 26 16:00:12 UTC 2021


libssh (0.9.5-1ubuntu1) impish; urgency=medium

  * SECURITY UPDATE: possible heap-buffer overflow when rekeying
    - debian/patches/CVE-2021-3634.patch: create a separate length for
      session_id in include/libssh/crypto.h, src/gssapi.c, src/kdf.c,
      src/kex.c, src/libcrypto.c, src/messages.c, src/packet.c, src/pki.c,
      src/wrapper.c, tests/unittests/torture_session_keys.c.
    - CVE-2021-3634

Date: Wed, 18 Aug 2021 11:33:35 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libssh/0.9.5-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Aug 2021 11:33:35 -0400
Source: libssh
Built-For-Profiles: noudeb
Architecture: source
Version: 0.9.5-1ubuntu1
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 libssh (0.9.5-1ubuntu1) impish; urgency=medium
 .
   * SECURITY UPDATE: possible heap-buffer overflow when rekeying
     - debian/patches/CVE-2021-3634.patch: create a separate length for
       session_id in include/libssh/crypto.h, src/gssapi.c, src/kdf.c,
       src/kex.c, src/libcrypto.c, src/messages.c, src/packet.c, src/pki.c,
       src/wrapper.c, tests/unittests/torture_session_keys.c.
     - CVE-2021-3634
Checksums-Sha1:
 1f7d4a927cec9079b5e1237b4cf38be4c0cdbee4 2792 libssh_0.9.5-1ubuntu1.dsc
 78827917248c3bfd408e6b042f7897d85df48755 29032 libssh_0.9.5-1ubuntu1.debian.tar.xz
 d12c5949a91e9482486fd43e5a22687dd6b35d73 8459 libssh_0.9.5-1ubuntu1_source.buildinfo
Checksums-Sha256:
 96aa148dc6d268d288eb5981ce0c10e485f81cdb85e8369c933eab6f8e3a8f16 2792 libssh_0.9.5-1ubuntu1.dsc
 9867569d497ade3dc10f95d70cf6b79da4d1319033d149518e0e9a9f254bd830 29032 libssh_0.9.5-1ubuntu1.debian.tar.xz
 8c9d78c5532628a58cf41d919eca5340ebafdd58f050868103863a8e9141433c 8459 libssh_0.9.5-1ubuntu1_source.buildinfo
Files:
 bfabf4e50e3586eee4ad933ff6a567eb 2792 libs optional libssh_0.9.5-1ubuntu1.dsc
 e6156924c0c007028e4b5b8f53655d91 29032 libs optional libssh_0.9.5-1ubuntu1.debian.tar.xz
 4964fce0686dabc1e68e851e2f471771 8459 libs optional libssh_0.9.5-1ubuntu1_source.buildinfo
Original-Maintainer: Laurent Bigonville <bigon at debian.org>


More information about the impish-changes mailing list